ASAN: turn on more not-enabled-by-default options #33180

pull fanquake wants to merge 2 commits into bitcoin:master from fanquake:asan_strict_string changing 2 files +2 −2
  1. fanquake commented at 9:48 AM on August 13, 2025: member

    strict_string_checks=1:

    If true, check that string arguments are properly null-terminated.

    detect_invalid_pointer_pairs=2:

    If non-zero, try to detect operations like <, <=, >, >= and - on invalid pointer pairs (e.g. when pointers belong to different objects).

    See https://github.com/google/sanitizers/wiki/AddressSanitizerFlags.

  2. test: add strict_string_checks to ASAN options
    https://github.com/google/sanitizers/wiki/AddressSanitizerFlags
    
    > If true, check that string arguments are properly null-terminated.
    4c946e5452
  3. test: add detect_invalid_pointer_pairs to ASAN options
    https://github.com/google/sanitizers/wiki/AddressSanitizerFlags
    
    > If non-zero, try to detect operations like <, <=, >, >=
    > and - on invalid pointer pairs (e.g. when pointers belong to
    > different objects).
    9445aff6b6
  4. DrahtBot commented at 9:48 AM on August 13, 2025: contributor

    The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

    Code Coverage & Benchmarks

    For details see: https://corecheck.dev/bitcoin/bitcoin/pulls/33180.

    Reviews

    See the guideline for information on the review process. A summary of reviews will appear here.

  5. in ci/test/03_test_script.sh:11 in 9445aff6b6
       7 | @@ -8,7 +8,7 @@ export LC_ALL=C.UTF-8
       8 |  
       9 |  set -ex
      10 |  
      11 | -export ASAN_OPTIONS="strict_string_checks=1:detect_leaks=1:detect_stack_use_after_return=1:check_initialization_order=1:strict_init_order=1"
      12 | +export ASAN_OPTIONS="strict_string_checks=1:detect_invalid_pointer_pairs=2:detect_leaks=1:detect_stack_use_after_return=1:check_initialization_order=1:strict_init_order=1"
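
    Review bot: on the added ASAN_OPTIONS line, detect_invalid_pointer_pairs=2 is only a runtime switch, and nothing in this hunk changes how the binaries are instrumented. The check reports only from code compiled with -fsanitize=pointer-compare and -fsanitize=pointer-subtract in addition to address, so unless the ASan job's sanitizer list is extended in the same change, the new option has no effect in CI. Suggest either adding those two sanitizers to the job's build configuration in this PR or holding the option back until they are, and putting a short comment above the export that records the dependency.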
    


    stickies-v commented at 1:39 PM on August 13, 2025:

    in 9445aff6b6f4f64c1b63bf9ffe77789f4a65aa0e:

    It doesn't look like we're currently instrumenting with pointer-compare and pointer-subtract sanitizers, so I'm not sure this will actually catch anything until that's changed?

    When I instrument with -DSANITIZERS=address,pointer-compare,pointer-subtract, I get an ASan failure with ASAN_OPTIONS="detect_invalid_pointer_pairs=2". I can't quite make sense of what's triggering it, though.

    <details> <summary>AddressSanitizer: invalid-pointer-pair</summary>

    =================================================================
    ==41213==ERROR: AddressSanitizer: invalid-pointer-pair: 0x6020000000d2 0x6020000000d0
        #0 0x000104fb35b4 in _GLOBAL__sub_I_bitcoind.cpp bitcoind.cpp
        #1 0x00019b27eef8  (<unknown module>)
        #2 0x00019b2bb898 in invocation function for block in dyld3::MachOAnalyzer::forEachInitializer(Diagnostics&, dyld3::MachOAnalyzer::VMAddrConverter const&, void (unsigned int) block_pointer, void const*) const+0x140 (dyld:arm64e+0xfffffffffff93898)
        #3 0x00019b2db5c8 in invocation function for block in mach_o::Header::forEachSection(void (mach_o::Header::SectionInfo const&, bool&) block_pointer) const+0xec (dyld:arm64e+0xfffffffffffb35c8)
        #4 0x00019b2d8354 in mach_o::Header::forEachLoadCommand(void (load_command const*, bool&) block_pointer) const+0xcc (dyld:arm64e+0xfffffffffffb0354)
        #5 0x00019b2d9a94 in mach_o::Header::forEachSection(void (mach_o::Header::SectionInfo const&, bool&) block_pointer) const+0x78 (dyld:arm64e+0xfffffffffffb1a94)
        #6 0x00019b2bb368 in dyld3::MachOAnalyzer::forEachInitializer(Diagnostics&, dyld3::MachOAnalyzer::VMAddrConverter const&, void (unsigned int) block_pointer, void const*) const+0x200 (dyld:arm64e+0xfffffffffff93368)
        #7 0x00019b27ecb0  (<unknown module>)
        #8 0x00019b28666c  (<unknown module>)
        #9 0x00019b27f45c  (<unknown module>)
        #10 0x00019b283bec  (<unknown module>)
        #11 0x00019b27f778  (<unknown module>)
        #12 0x00019b2a0a1c  (<unknown module>)
        #13 0x00019b263dfc  (<unknown module>)
        #14 0x00019b2631d4 in dyld4::start(dyld4::KernelArgs*, void*, void*)::$_0::operator()() const+0xe8 (dyld:arm64e+0xfffffffffff3b1d4)
        #15 0x00019b262b48 in start+0x176c (dyld:arm64e+0xfffffffffff3ab48)
    
    0x6020000000d2 is located 0 bytes after 2-byte region [0x6020000000d0,0x6020000000d2)
    allocated by thread T0 here:
        #0 0x0001071a36e4 in _Znwm+0x74 (libclang_rt.asan_osx_dynamic.dylib:arm64e+0x4b6e4)
        #1 0x000104fb350c in _GLOBAL__sub_I_bitcoind.cpp bitcoind.cpp
        #2 0x00019b27eef8  (<unknown module>)
        #3 0x00019b2bb898 in invocation function for block in dyld3::MachOAnalyzer::forEachInitializer(Diagnostics&, dyld3::MachOAnalyzer::VMAddrConverter const&, void (unsigned int) block_pointer, void const*) const+0x140 (dyld:arm64e+0xfffffffffff93898)
        #4 0x00019b2db5c8 in invocation function for block in mach_o::Header::forEachSection(void (mach_o::Header::SectionInfo const&, bool&) block_pointer) const+0xec (dyld:arm64e+0xfffffffffffb35c8)
        #5 0x00019b2d8354 in mach_o::Header::forEachLoadCommand(void (load_command const*, bool&) block_pointer) const+0xcc (dyld:arm64e+0xfffffffffffb0354)
        #6 0x00019b2d9a94 in mach_o::Header::forEachSection(void (mach_o::Header::SectionInfo const&, bool&) block_pointer) const+0x78 (dyld:arm64e+0xfffffffffffb1a94)
        #7 0x00019b2bb368 in dyld3::MachOAnalyzer::forEachInitializer(Diagnostics&, dyld3::MachOAnalyzer::VMAddrConverter const&, void (unsigned int) block_pointer, void const*) const+0x200 (dyld:arm64e+0xfffffffffff93368)
        #8 0x00019b27ecb0  (<unknown module>)
        #9 0x00019b28666c  (<unknown module>)
        #10 0x00019b27f45c  (<unknown module>)
        #11 0x00019b283bec  (<unknown module>)
        #12 0x00019b27f778  (<unknown module>)
        #13 0x00019b2a0a1c  (<unknown module>)
        #14 0x00019b263dfc  (<unknown module>)
        #15 0x00019b2631d4 in dyld4::start(dyld4::KernelArgs*, void*, void*)::$_0::operator()() const+0xe8 (dyld:arm64e+0xfffffffffff3b1d4)
        #16 0x00019b262b48 in start+0x176c (dyld:arm64e+0xfffffffffff3ab48)
    
    0x6020000000d0 is located 0 bytes inside of 2-byte region [0x6020000000d0,0x6020000000d2)
    allocated by thread T0 here:
        #0 0x0001071a36e4 in _Znwm+0x74 (libclang_rt.asan_osx_dynamic.dylib:arm64e+0x4b6e4)
        #1 0x000104fb350c in _GLOBAL__sub_I_bitcoind.cpp bitcoind.cpp
        #2 0x00019b27eef8  (<unknown module>)
        #3 0x00019b2bb898 in invocation function for block in dyld3::MachOAnalyzer::forEachInitializer(Diagnostics&, dyld3::MachOAnalyzer::VMAddrConverter const&, void (unsigned int) block_pointer, void const*) const+0x140 (dyld:arm64e+0xfffffffffff93898)
        #4 0x00019b2db5c8 in invocation function for block in mach_o::Header::forEachSection(void (mach_o::Header::SectionInfo const&, bool&) block_pointer) const+0xec (dyld:arm64e+0xfffffffffffb35c8)
        #5 0x00019b2d8354 in mach_o::Header::forEachLoadCommand(void (load_command const*, bool&) block_pointer) const+0xcc (dyld:arm64e+0xfffffffffffb0354)
        #6 0x00019b2d9a94 in mach_o::Header::forEachSection(void (mach_o::Header::SectionInfo const&, bool&) block_pointer) const+0x78 (dyld:arm64e+0xfffffffffffb1a94)
        #7 0x00019b2bb368 in dyld3::MachOAnalyzer::forEachInitializer(Diagnostics&, dyld3::MachOAnalyzer::VMAddrConverter const&, void (unsigned int) block_pointer, void const*) const+0x200 (dyld:arm64e+0xfffffffffff93368)
        #8 0x00019b27ecb0  (<unknown module>)
        #9 0x00019b28666c  (<unknown module>)
        #10 0x00019b27f45c  (<unknown module>)
        #11 0x00019b283bec  (<unknown module>)
        #12 0x00019b27f778  (<unknown module>)
        #13 0x00019b2a0a1c  (<unknown module>)
        #14 0x00019b263dfc  (<unknown module>)
        #15 0x00019b2631d4 in dyld4::start(dyld4::KernelArgs*, void*, void*)::$_0::operator()() const+0xe8 (dyld:arm64e+0xfffffffffff3b1d4)
        #16 0x00019b262b48 in start+0x176c (dyld:arm64e+0xfffffffffff3ab48)
    
    SUMMARY: AddressSanitizer: invalid-pointer-pair bitcoind.cpp in _GLOBAL__sub_I_bitcoind.cpp
    ==41213==ABORTING
    

    </details>
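
As an added illustration of the two options this PR discusses (not code from the PR or from Bitcoin Core), the C++ below pairs each pattern the options report with a form that stays clean under them. All function names are assumptions made for the example, and the integer comparison assumes a flat address space where `std::uintptr_t` conversion preserves ordering.

```cpp
// Added example. Flags that make the checks active (instrumentation plus runtime option):
//   -fsanitize=address,pointer-compare,pointer-subtract
//   ASAN_OPTIONS=strict_string_checks=1:detect_invalid_pointer_pairs=2
#include <cstddef>
#include <cstdint>
#include <cstring>

// BEFORE: relational operators on raw pointers. If p points into a different
// object than buf, this is the pair detect_invalid_pointer_pairs reports.
bool in_range_raw(const char* p, const char* buf, std::size_t len) {
    return p >= buf && p < buf + len;
}

// AFTER: compare the addresses as integers, so the test is an integer
// comparison and gives a usable answer for unrelated objects too.
bool in_range_checked(const char* p, const char* buf, std::size_t len) {
    const auto a = reinterpret_cast<std::uintptr_t>(p);
    const auto lo = reinterpret_cast<std::uintptr_t>(buf);
    return a >= lo && a - lo < len;
}

// Subtract only after the range check has shown both pointers share an object.
// Returns -1 when p is outside [buf, buf + len).
std::ptrdiff_t offset_in(const char* p, const char* buf, std::size_t len) {
    return in_range_checked(p, buf, len) ? p - buf : -1;
}

// BEFORE: strchr stops at the first match, so on an unterminated buffer whose
// first byte matches it never leaves the buffer and default ASan is silent.
// With strict_string_checks=1 ASan validates the argument up to its NUL and
// reports the missing terminator.
bool has_sep_cstr(const char* s, char sep) {
    return std::strchr(s, sep) != nullptr;
}

// AFTER: carry the length and use a bounded search; no terminator is assumed.
bool has_sep_bounded(const char* data, std::size_t len, char sep) {
    return len != 0 && std::memchr(data, sep, len) != nullptr;
}
```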

  6. fanquake closed this on Oct 21, 2025

  7. fanquake deleted the branch on Nov 5, 2025

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-26 06:12 UTC
